Cyber Security
&
Fraud Prevention
Examples, Tools & Tactics
Ben Graybar, MBA, VP, QAS, Commercial Banker
(850) 556-0771 Cell/Text Ben.Graybar@HancockWhitney.com
What got me started?
Yep, they got my entire family!
* Source: American Banker 3/4/2015, Bank Technology News by Penny Crosman
THE EVOLVING LANDSCAPE
Cyber security threats have evolved exponentially with the rapid adoption of cloud computing, mobile technology, and remote access.
You can protect your business by staying abreast of the latest emerging threats.
“Fraud prevention and protection is a lot like squeezing Jello,” said Dr. Stephen Coggeshall, chief scientist at LifeLock, which sponsored the Javelin study. “When you stop it in one place, it squirts out someplace else.”*
Cyberattacks affect ‘nearly every single company’
“Cyberattacks are affecting nearly every single company we encounter, but we’re not seeing those attacks drive enough proactive business action as evidenced by the rate of investment made in information security,” said Greg Bell, KPMG Cyber US Leader. “We’re still seeing companies taking a passive or reactive approach toward cybersecurity, when in fact cyber should be a top-line business issue thought about and practiced company-wide.”
http://www.welivesecurity.com/2016/07/27/cyberattacks-affect-nearly-every-single-company/
We Will All Be Cyberattacked, Ex-FBI Cybercrime Agent Says
The odds of a person eventually suffering a cyberattack are “pretty much 100% at this point,” according to Bill Slattery, a former FBI special agent in the cyber division who now investigates cybercrime for Facebook.
http://www.thinkadvisor.com/2016/09/23/we-will-all-be-cyberattacked-ex-fbi-cybercrime-age?ref=hp-financial-news&slreturn=1474918683
“There are 2 kinds of people – those that were hacked, and those who don’t realize they were.”
Proud Member of InfraGard
Recent Infragard Update
• A Private Industry Notification (PIN) concerning Wireless Keystroke Logger Disguised as USB Device has been posted to the InfraGard system.
Summary
KeySweeper is a covert device that resembles a functional Universal Serial Bus (USB) enabled device charger which conceals hardware capable of harvesting keystrokes from certain wireless keyboards. If placed strategically in an office or other location where individuals might use wireless devices, a malicious cyber actor could potentially harvest personally identifiable information, intellectual property, trade secrets, passwords, or other sensitive information. Since the data is intercepted prior to reaching the CPU, security managers may not have insight into how sensitive information is being stolen.
Deloitte Consulting, July 2016
Beneath the surface of a cyberattack: A deeper look at business impacts
Fourteen cyberattack impact factors
A wide range of direct and/or intangible costs contribute to the overall impact of a major cyber incident.
Above the surface (better-known cyber incident costs):
• Technical investigation
• Customer breach notification
• Post-breach customer protection
• Regulatory compliance
• Public relations
• Attorney fees and litigation
• Cybersecurity improvements
Beneath the surface (hidden or less visible costs):
• Insurance premium increases
• Increased cost to raise debt
• Impact of operational disruption or destruction
• Lost value of customer relationships
• Value of lost contract revenue
• Devaluation of trade name
• Loss of intellectual property
Data of 200 million Yahoo users offered for sale
• This batch is being sold for 3 bitcoins (a little over $1,860), and apparently contains the username, MD5-hashed password, and date of birth of some 200 million users, and backup email addresses, country and ZIP code of US users.
• https://www.helpnetsecurity.com/2016/08/02/data-yahoo-users-sale/
Yahoo Breach Could Delay $4.8 Billion Verizon Takeover
• Verizon may revisit contract with Yahoo on doubts of vulnerabilities in the system after 500 million accounts were found hacked.
• http://www.darkreading.com/attacks-breaches/yahoo-breach-could-delay-$48-billion-verizon-takeover/d/d-id/1327004
• The news that 500 million Yahoo accounts were breached by hackers may not jeopardize the tech company’s deal with Verizon, but it could delay it as the telecom giant takes a closer look at the legal ramifications, says NBC News.
Got Netflix? 6/9/16 on CBS
Tweet Much? 6/9/16
http://techcrunch.com/2016/06/08/twitter-hack
• Passwords for 32M Twitter accounts may have been hacked and leaked
• Hackers may have used malware to collect more than 32 million Twitter login credentials that are now being sold on the dark web. Twitter says that its systems have not been breached.
• Other major security compromises which have hit the news recently include a Myspace hack that involved over 360 million accounts, possibly making it the largest one ever, and the leak of 100 million LinkedIn passwords stolen in 2012.
• by Catherine Shu (@catherineshu), Kate Conger (@kateconger)
That’s NOT what I said!
Flaw Allowed Hackers To Change Conversations in Facebook Messenger June 2016
• By exploiting this vulnerability, cybercriminals could change a whole chat thread without the victim realizing. What’s worse, the hacker could implement automation techniques to continually outsmart security measures for long-term chat alterations.
• http://www.crm-daily.com/story.xhtml?story_id=020001IA1JQ0
• By Jef Cozza / CRM Daily
68 million Dropbox passwords stolen by hackers
• If you hadn’t changed your password since mid-2012, there’s not much reason to worry: since Dropbox forced a password reset on those accounts…
• However, if you’ve used the same email address and password combination on other services, you’ll want to change those right away. It’s common for hackers to try using credentials from one company breach on other services and accounts.
• 2016 has not been a good year for online security.
• Earlier this year, 32 million Twitter passwords were put up for sale on the Deep Web for just $5,807
• In May, 117 million LinkedIn account details were available for $2,200, and 45 million users’ credentials were stolen from numerous forums operated by a single company.
• If you’re concerned about the safety of your online accounts, now would be a good time to try out a password manager like 1Password and enable two-factor authentication on every service that offers it.
Hackers compromise nearly 16,000
WordPress websites
• According to security researcher Daniel Cid, at least 15,769 WordPress websites have been compromised this year by cyber-attackers who were able to evade Google's Safe Browsing checks.
• The report also found that 3099 Joomla! sites were hacked during that time as well.
• Almost three quarters of the compromised sites in the Sucuri report all shared one characteristic, they were backdoored. By placing a backdoor on these sites, hackers gained a new way of loading malicious payloads, targeting visitors and in the future these same sites could be used for further attacks.
Sample attacking civic club members
City of Tallahassee
Fraud Alert
Beware of Recent Phone Scam Targeting City of Tallahassee Utility Customers
Several City Utility customers have reported receiving phone calls from individuals identifying themselves as City of Tallahassee Utilities representatives. The caller indicates that the account is past due and threatens utility service disconnection - usually within an hour - if immediate payment is not made.
Please be advised that these calls are NOT authorized or affiliated with City Utilities. Your
Own Utilities does not conduct business in this manner. The City will not request its customers
to provide payment in the form of Green Dot, Account Now, Vanilla cards or any other type of
prepaid card.
Customers can make payments online, by phone, mail or automatic bank draft, as well as in
person at the Frenchtown Renaissance Center, 435 N. Macomb St., or at one of many remote
payment locations throughout Tallahassee.
If you receive a suspicious call that you believe may be a scam, contact Your Own Utilities at
891.4YOU (4968) to confirm the call. This will allow the City to document the activity and
continue to work with the Tallahassee Police Department to prevent fraud. Thank you.
Types of Attacks on Banks/Clients
• Verizon's Data Breach Investigation Report is different. The telecom giant creates it in concert with more than 67 organizations, government agencies among them. Notable contributors include the U.S. Secret Service, the U.S. Emergency Computer Readiness Team, the Anti-Phishing Working Group, the National Cybersecurity and Communications Integration Center, Kaspersky Lab, Cisco Security Services and EMC.
• http://www.americanbanker.com/news/bank-technology/where-banks-are-most-vulnerable-to-cyberattacks-now-1080671-1.html?
How did they do it?
http://www.theregister.co.uk/2016/04/26/verizon_breach_report
• Verizon's ninth annual Data Breach Investigations Report (DBIR) provides an analysis of over 100,000 security incidents and 2,260 confirmed data breaches last year.
• Hackers are getting faster whilst defenders are treading water. Over 99 per cent of attacks compromise systems within days (four out of five do it within minutes), and two-thirds of those siphon off data within days (a fifth do it in minutes).
• This year, less than a quarter of breaches were detected within the same timeframe – meaning attackers have almost always gotten away with the goods before anyone notices.
• Nearly two-thirds of all breaches are still traced back to weak or stolen passwords – a basic security failure.
Best Password Ever … NOT!
These are the 25 worst passwords of 2015
• Here’s Splashdata's complete list of the 25 worst passwords for 2015, with their ranking from 2014 in brackets:
1. 123456 (Unchanged)
2. password (Unchanged)
3. 12345678 (Up 1)
4. qwerty (Up 1)
5. 12345 (Down 2)
6. 123456789 (Unchanged)
7. football (Up 3)
8. 1234 (Down 1)
9. 1234567 (Up 2)
10. baseball (Down 2)
11. welcome (New)
12. 1234567890 (New)
13. abc123 (Up 1)
14. 111111 (Up 1)
15. 1qaz2wsx (New)
16. dragon (Down 7)
17. master (Up 2)
18. monkey (Down 6)
19. letmein (Down 6)
20. login (New)
21. princess (New)
22. qwertyuiop (New)
23. solo (New)
24. passw0rd (New)
25. starwars (New)
• http://www.pcworld.com/article/3024252/security/these-are-the-25-worst-passwords-of-2015.html
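The list above is only a denylist, but the entries on it also share patterns (digit runs, keyboard walks such as qwerty and 1qaz2wsx, leet substitutions such as passw0rd) that a screening rule can catch even for strings that are not on the list. The following Python is an added example written for this page, not code from the presentation or from SplashData; the 25-entry denylist is copied from the slide, while the 12-character minimum, the keyboard tables and the leet mapping are my own assumed policy.

```python
# Denylist copied from the SplashData 2015 ranking shown on the slide.
WORST_2015 = frozenset({
    "123456", "password", "12345678", "qwerty", "12345", "123456789",
    "football", "1234", "1234567", "baseball", "welcome", "1234567890",
    "abc123", "111111", "1qaz2wsx", "dragon", "master", "monkey", "letmein",
    "login", "princess", "qwertyuiop", "solo", "passw0rd", "starwars",
})

KEYBOARD_ROWS = ("1234567890", "qwertyuiop", "asdfghjkl", "zxcvbnm")
# Vertical key columns produce walks such as 1qaz2wsx (rank 15 on the list).
KEYBOARD_COLUMNS = ("1qaz", "2wsx", "3edc", "4rfv", "5tgb", "6yhn", "7ujm")
# Undo common leet substitutions so passw0rd and p@ssw0rd both map to "password".
LEET = str.maketrans("0134@$", "oieaas")
MIN_LENGTH = 12  # policy assumption, not from the slide


def has_keyboard_walk(pw: str, run: int = 4) -> bool:
    """True if any `run` consecutive characters walk along a keyboard row or column."""
    low = pw.lower()
    for i in range(len(low) - run + 1):
        chunk = low[i:i + run]
        if any(chunk in row for row in KEYBOARD_ROWS) or any(chunk in col for col in KEYBOARD_COLUMNS):
            return True
    return False


def screen_password(pw: str) -> list:
    """Return the list of policy failures for `pw`; an empty list means it passes."""
    reasons = []
    low = pw.lower()
    # Check the raw string and the de-leeted string against the denylist.
    if low in WORST_2015 or low.translate(LEET) in WORST_2015:
        reasons.append("on the 2015 worst-password list")
    if len(pw) < MIN_LENGTH:
        reasons.append(f"shorter than {MIN_LENGTH} characters")
    if pw.isdigit():
        reasons.append("digits only")
    if len(set(low)) == 1:
        reasons.append("single repeated character")
    if has_keyboard_walk(pw):
        reasons.append("keyboard sequence")
    return reasons


if __name__ == "__main__":
    for candidate in ("123456", "P@ssw0rd", "1qaz2wsx", "correct horse battery staple"):
        print(f"{candidate!r}: {screen_password(candidate) or 'OK'}")
```

A check like this belongs at password-set time (and on the first login after a breach notice), where it rejects the string before it is ever stored; it complements, rather than replaces, the two-factor authentication recommended elsewhere in this deck.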
Password Sharing Is Now a Crime
• Unless Netflix specifically authorizes you to share your password with your friend, you're breaking federal law.
• As a result, the court turned anyone who has ever used someone else's password without the approval of the computer owner into a potential felon.
• The Computer Fraud and Abuse Act has been a disaster for many reasons, this being one of them. There will be an appeal of this ruling.
• https://www.schneier.com/blog/archives/2016/07/password_sharin_1.html
20 percent of employees would sell their passwords
By Ian Barker http://betanews.com/2016/03/21/employees-would-sell-passwords/
• According to new research from identity management company SailPoint one in five employees would be willing to sell their work passwords to another organization, up from one in seven last year.
• Of those who would sell their passwords, 44 percent would do it for less than $1,000, and some for less than $100. This is made worse by the fact that 65 percent admit to using a single password among applications and 32 percent share passwords with their co-workers.
• Other findings include the worrying fact that more than two in five employees still have corporate account access after they leave their job. In addition 26 percent uploaded sensitive information to cloud apps with the specific intent to share data outside the company.
Internal Access Controls
• Smaller-scale data loss, however, is often as a result of authorized employees simply exploiting their privileged access rights. This is where user access control can be an extremely challenging area for many businesses … especially in light of the increasing bring your own device (BYOD) trend.
• http://www.computerweekly.com/opinion/Security-Think-Tank-Many-breaches-down-to-poor-access-controls
Insider Dealing – Access Control
Source: Feb 2016 Florida Trend
Build your “Employee Firewall”
Internal Controls – FDIC Breach
http://www.americanbanker.com/news/bank-technology/what-banks-can-learn-from-the-fdic-data-breach-1080452-1.html?utm_medium=email&ET=americanbanker:e6511893:4495691a:&utm_source=newsletter&utm_campaign=abla%20daily%20briefing-apr%2015%202016&st=email&eid=fde53dfe86654ae08b6cdc3d7e83eee0
• On Friday, Feb. 26, an FDIC employee was packing up; it was her last day at the agency. She downloaded some personal files, such as family photos and her resume, from her work computer onto a USB drive to take home. At the same time, the FDIC later discovered, she inadvertently downloaded 44,000 customer records, including personally identifiable information, onto the portable device.
FDIC's report to Congress mentions 20
information breaches during the 2015 fiscal year
• The agency's chief information officer, Lawrence Gross, told the panel Thursday that seven other incidents that had involved a departing employee downloading sensitive data on a zip drive — which were reported to Congress — all were accidental in nature.
• "The individuals involved in those incidents were not computer proficient," Gross said. So much so, he added, that they could "inadvertently copy the entire hard drive."
• "For example, there were instances where sensitive financial institution information was mistakenly provided to a non-authorized party via an inadvertent email or via posting to an information exchange site in the wrong location," the report says. "The unauthorized parties were contacted in each case to destroy the sensitive information."
• http://www.americanbanker.com/news/law-regulation/fdic-employee-took-big-banks-living-wills-on-the-way-out-1080987-1.html?utm_medium=email&ET=americanbanker:e6714062:4495691a:&utm_source=newsletter&utm_campaign=abla%20daily%20briefing-may%2013%202016&st=email&eid=fde53dfe86654ae08b6cdc3d7e83eee0 May 12, 2016 by Lalita Clozel
It’s not just the breach …
It’s the reporting! Florida Trend
Florida Information Protection Act
• Defines “personal information” breached
• 30 day discovery notice required to consumers
• 3rd party agents of covered entities get 10 days
• If involves >500 FL residents, notify State
• Business & State entities must reasonably protect data
• Penalties up to $1000/day for 1st 30 days & $50k each subsequent 30 days to 180 days
• http://www.akerman.com/documents/res.asp?id=2002
700,000 IRS Files Breached
Those who were hacked, & those who don’t know they were!
Even in Tallahassee!
9 sentenced in $2.6M income tax refund case
Tallahassee Democrat 5:01 p.m. EDT June 24, 2016
• Four Big Bend residents are among nine people sentenced this week on federal charges, including more than $2.6 million in income tax refunds.
• Used stolen personal identifying information from approximately 2,800 individuals.
• The sources of the personal information included an insurance provider, an online database, and an area hospital…according to U.S. District's Attorney's office.
Wifi & Bluetooth
• Never use Wifi outside your home for private info, or better yet – not at all
• If you are going to use Wifi, be sure you know what you’re using … but how can you?
• Never auto-connect
• Lock your home Wifi by creating a password
• WIFI Keyboard & CPU hard drive readers
• Beware of Bluetooth – turn it off in a crowd
• It’s a line of sight exposure, if not paired/active
29% of Android devices can’t be
patched by Google
• Apple CEO Tim Cook put on screen at Apple’s WWDC developers conference a slide of a pie chart showing that 99% of mobile malware was on Android.
• https://nakedsecurity.sophos.com/2016/04/21/29-of-android-devices-cant-be-patched-by-google
Mobile device infections rose 96
percent in the first half of 2016
• One out of 120 smartphones infected: In April, one out of every 120 smartphones had some type of malware infection.
• Android OS hit hardest: Android smartphones were the most targeted mobile platform, accounting for 74 percent of all malware infections compared to Window/PC systems (22 percent), and other platforms, including iOS devices (4 percent).
Android Trojan targets customers of major banks and can bypass 2FA
By Ian Barker http://betanews.com/2016/03/09/android-banking-trojan/
Researchers at security company ESET have uncovered a new strain of Android malware that can steal the login credentials of mobile banking users.
Named Android/Spy.Agent.SI, the malware presents victims with a fake version of the login screen of their banking application and locks the screen until they enter their username and password.
Using the stolen credentials, thieves can then log in to the victim's account remotely and transfer money out. They can also use the malware to send them all of the SMS text messages received by the infected device, and remove them.
Ransomware Example In The News
Ransomware - it happens here …
• Coaxis as Cloud backup provider
Stampedo Ransomware Available for Just $39
http://betanews.com/2016/07/18/stampedo-ransomware/
• A new variant of ransomware has been found for sale on the dark web for an incredibly low price that allows its victims 96 hours to pay a fee.
• This new piece of ransomware is called Stampedo and it is available for only $39 which includes a lifetime license. Once it has infected a user’s system, a fee must be paid within the allotted time in order to regain access. If a user fails to pay the fee, Stampedo begins to delete random files on their computer within six hour intervals.
Ransomware customer service:
Negotiation is always on the table
Can negotiating with ransomware operators result in a reduced fee?
By Charlie Osborne for Zero Day | July 18, 2016 -- 07:00 GMT (00:00 PDT) | Topic: Security
http://www.zdnet.com/article/ransomware-customer-service-negotiation-is-always-on-the-table/
• Cyberattackers running ransomware campaigns are usually willing to negotiate if it means extorting any payment at all from victims, researchers claim.
• Demands for payment go from $200 to thousands of dollars.
• 3 of 4 gangs negotiate
If success is 86%, 14% fail
Where are the bad guys?
http://betanews.com/2016/04/19/us-malware-hosting/
According to a new report from German security company G DATA, more malicious websites were hosted in the US in 2015 than in any other country, originating around 57 percent of recorded attacks.
China, Hong Kong, Russia and Canada are also major hosts of malware, though Europe is little in evidence, only Germany and Italy making the top seven and accounting for just six percent between them.
FSU Hackathon … Kind of
FACTS
Source: 2015 & 2016 AFP Payments Fraud and Control Survey
SECURITY MATTERS: FRAUD HAPPENS
… & Size Doesn’t Matter
Source: 2015 Internet Security Threat Report - Symantec
PHISHING
Impersonation Tactics
• PHISHING: A bogus email or text that appears to be from a business claiming you do business with them. They request you click on their link.
• SPEAR PHISHING: A bogus e-mail that appears to be from a business or someone you know. It often appears as a “reply” to a previous conversation you had with that business or person.
• MASQUERADING or BOSS PHISHING: Hackers infiltrate email networks, impersonate executives and send instructions that perpetrate wire fraud.
• BEC or BUSINESS EMAIL COMPROMISE: Scammers seek to socially engineer the employees of a business & similar domain names to gain access.
• WHALING: Where the CEO/boss is impersonated in emailing instructions to send $
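Spear phishing, masquerading and BEC as listed above all rest on a sender that looks legitimate: a display name that matches an executive, or a "similar domain name" that differs from the real one by a confusable character. The Python below is an added example and not code from the presentation; examplebank.com, the executive directory and the sample From: headers are constructed, and the confusable-character table and the one-edit threshold are my own choices for a mail-gateway or help-desk triage check.

```python
from email.utils import parseaddr

# Constructed data: the trusted domain and executive directory of a hypothetical bank.
TRUSTED_DOMAINS = frozenset({"examplebank.com"})
EXECUTIVES = {"pat example": "pat.example@examplebank.com"}
# Character sequences attackers swap to register confusable domains (rn looks like m, 0 like o).
CONFUSABLES = (("rn", "m"), ("vv", "w"), ("0", "o"), ("1", "l"), ("i", "l"))


def normalize(domain: str) -> str:
    """Collapse visually confusable sequences so exarnplebank.com compares equal to examplebank.com."""
    d = domain.lower()
    for src, dst in CONFUSABLES:
        d = d.replace(src, dst)
    return d


def edit_distance(a: str, b: str) -> int:
    """Levenshtein distance, used to catch one-character typosquats such as examplebank.co."""
    prev = list(range(len(b) + 1))
    for i, ca in enumerate(a, 1):
        cur = [i]
        for j, cb in enumerate(b, 1):
            cur.append(min(prev[j] + 1, cur[j - 1] + 1, prev[j - 1] + (ca != cb)))
        prev = cur
    return prev[-1]


def sender_findings(from_header: str) -> list:
    """Return a list of reasons a From: header looks like impersonation; empty means none found."""
    name, addr = parseaddr(from_header)
    addr = addr.lower()
    domain = addr.rpartition("@")[2]
    findings = []
    if domain not in TRUSTED_DOMAINS:
        for trusted in TRUSTED_DOMAINS:
            if normalize(domain) == normalize(trusted):
                findings.append(f"confusable lookalike of {trusted}: {domain}")
            elif edit_distance(domain, trusted) <= 1:
                findings.append(f"one-character typosquat of {trusted}: {domain}")
            elif trusted in domain:
                findings.append(f"{trusted} embedded in unrelated domain: {domain}")
    # Boss phishing / whaling: an executive's display name on an address that is not theirs.
    expected = EXECUTIVES.get(name.strip().lower())
    if expected and addr != expected:
        findings.append(f"display name '{name}' used with address {addr}, expected {expected}")
    return findings


if __name__ == "__main__":
    # Constructed sample headers, one per tactic on the slide.
    for header in (
        "Pat Example <pat.example@examplebank.com>",
        "Pat Example <pat.example@exarnplebank.com>",
        "Pat Example <ceo.pat@gmail.com>",
        "Accounts Payable <ap@examplebank.co>",
        "IT Helpdesk <help@examplebank.com.secure-login.net>",
    ):
        print(header, "->", sender_findings(header) or "no findings")
```

The display-name rule is the one that matters most for wire fraud: the instruction to pay usually arrives with a correct-looking name and a free-mail or lookalike address, so the finding should route the message to a second person for voice verification rather than to the bookkeeper who would execute it.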
Phishing Defense
• 73% of corporate finance and treasury executives surveyed by the Association for Financial Professionals reported that their companies experienced attempted or actual payments fraud in 2015.
• That’s up from 62% in 2014.
• http://www.americanbanker.com/news/bank-technology/how-to-become-unphishable-1080199-1.html?pg=1
Uber's Phishing Tale Can Teach Banks
a Lot About Security
• "We've had a couple of different instances where we've gotten more than a million [phishing attacks] in a single day," said Chris Cravens, head of technology services at Uber.
• http://www.americanbanker.com/news/bank-technology/ubers-phishing-tale-can-teach-banks-a-lot-about-security-1081314-1.html?utm_medium=email&ET=americanbanker:e6857673:4495691a:&utm_source=newsletter&utm_campaign=daily%20briefing-jun%203%202016&st=email&eid=fde53dfe86654ae08b6cdc3d7e83eee0
Local Text Phishing Scam 5/12/16
http://www.wctv.tv/home/headlines/Potential-Victim-Avoids-Scam-379286571.html
• Valerie Wickboldt, a SunTrust Bank customer, says she was surprised when she got a text message from a potential scammer.
• It reads 'your debit card has been locked please call' and a number was provided.
• The number to contact the state AG office is 866-9-NO-SCAM.
Phishing TEXT I received
How to … boldly made easier
• Phishers are creating YouTube channels to document their attacks
• Phishing attacks have linked back to YouTube channels where phishers explain their attacks and promote their tools while looking for buyers.
• http://www.symantec.com/connect/blogs/phishers-are-creating-youtube-channels-document-their-attacks
Symantec recently discovered a phishing site for Amazon.com which didn't seem particularly noteworthy at first. However, looking at the HTML source revealed an interesting comment from the attacker. The following figure shows a "brag tag" that details the name of the scam, "Scama Amazon 2016," along with the attacker's name, website, and even a YouTube channel.
Banking Trojans Expand Their Reach
Report: New Botnet Targets Include App Stores, Shipping Organizations, Many Others
Tracy Kitten (FraudBlogger) • February 22, 2016
• "They need to make sure that their users don't click on links in an email," he says. "This is still the primary entry point for most criminals."
• http://www.bankinfosecurity.com/banking-trojans-expand-their-reach-a-8886
Regulation E: Electronic Fund Transfers
12 CFR 205 www.federalreserve.gov
• Section 205.6 Liability of consumer for unauthorized transfers
• Limits a consumer's liability for unauthorized electronic fund transfers, such as those arising from loss or theft of an access device, to $50; if the consumer fails to notify the depository institution in a timely fashion, the amount may be $500 or unlimited.
When Cyberfraud Hits Businesses, Banks May Not Offer Protection - NPR
Updated October 7, 2015 6:12 PM ET, Published September 15, 2015 5:04 AM ET
• It turned out a cybercrook had commandeered the debit card he used to cover the costs of foreign trips. Krier expected that his bank would reimburse him.
24 Hours?!?!
• At first, he says, the staff at the local bank said, "Not a problem." But later, Krier says, that bank told him, "It's a business account, so you're out of luck."
NPR Story – continued…
• Cyberthieves hacked his email account, impersonated him and transferred more than $1 million through U.S. domestic accounts to an account in China.
• That's because the thieves also had access to his Outlook calendar. It meant the cybercrooks could safely impersonate Rolfe and write emails telling his bookkeeper to transfer funds to their bank accounts. The thieves could respond to any questions from Rolfe's bookkeeper and then delete all those communications from the account before Rolfe returned from his meetings and checked his email again.
• The most recent FBI data show a huge growth in this kind of fraud. More than 8,000 companies have been victimized over the past two years. Their losses total nearly $800 million.
• The law does require banks, under the Uniform Commercial Code, to offer business customers a "commercially reasonable" security protocol. If the bank follows that protocol, it can refuse to reimburse businesses that are victims of fraudulent money transfers.
• Johnson says the best way forward is for banks to inform their customers about the dangers they face so they can work together to beat the bad guys.
• He offers these tips to businesses: educate your employees, change passwords often, require two-person approval for fund transfers, and dedicate a single computer to be used only for financial transactions.
• http://www.npr.org/sections/alltechconsidered/2015/09/15/440252972/when-cyber-fraud-hits-businesses-banks-may-not-offer-protection
TYPES OF PAYMENTS TARGETED
FOR FRAUD
Source: Assoc. of Financial Professionals Payments Fraud & Control Survey
Largest $ Losses Per Fraud Type
TALLAHASSEE, Fla. — Attorney General Pam Bondi’s Office of Statewide Prosecution and the Florida Department of Law Enforcement today announced the arrests of four suspects accused of travelling across Florida to steal hundreds of rent checks. According to FDLE’s two-year investigation, the defendants worked nights and weekends to retrieve money orders and cashier’s checks from drop boxes. The theft crews allegedly targeted apartment complexes or rental communities having drop boxes, striking when payments were due at the end of the month. The investigation revealed that the defendants targeted apartments in Broward, Charlotte, Collier, Duval, Hillsborough, Lee, Osceola, Polk and Sarasota counties.
The defendants allegedly used long metal rods affixed with a sticky material to fish payments from drop boxes, altered and deposited the checks in 38 identified bank accounts and immediately withdrew the cash. The thefts were not usually discovered until the landlord asked tenants for the overdue rental payments.
According to the investigation, the defendants deposited some 443 money orders and two cashier’s checks totaling more than $200,000 into their accounts.
MERCHANT SERVICES
More than just Wendy’s 7/10/16
250 Hyatt hotels infected last year with payment data stealing malware
The hotel chain has admitted that 250 hotels in 54 countries were affected by the data breach.
By Charlie Osborne for Zero Day | January 15, 2016 -- 13:29 GMT (05:29 PST) | Topic: Security
The Hyatt hotel chain has revealed that almost half of its properties were infected with malware last year and
customer financial data may have been stolen.
According to the company, 318 hotels out of 627 in the firm's portfolio were infected with information-stealing
malware from August 13 to December 8, 2015. Some locations may have been affected as early as July 30, 2015.
China, India and the United States are at the top of the list for malware-ridden hotel systems, with 22, 20 and 99
infected sites respectively.
Hyatt says that following an investigation, "signs of unauthorized access to payment card data from cards used onsite
at certain Hyatt-managed locations" were discovered.
While malware was exposed mainly at restaurants, some spas, parking, golf shops, front desk reception systems and
sales offices were also impacted.
The chain says the malware in question was designed to steal financial data including cardholder names, card
numbers, expiration dates and internal verification codes, which are used onsite to verify transactions. According to
the company, the malicious code harvested credentials as they passed through Hyatt's infected payment processing
systems.
Malware hits 20 major hotels,
customer data may be stolen
http://betanews.com/2016/08/16/malware-20-us-hotels-ei-hotels-and-restaurants/
• As many as 20 hotels in the US have been hit by malware, and fears are spreading that customer data, including credit card information, was stolen.
• According to a Reuters report, hotels under attack include Starwood, Marriott, Hyatt and Intercontinental -- all part of the HEI Hotels & Restaurants.
• A total of 12 Starwood hotels were affected, six Marriott Internationals, one Hyatt Hotel and one InterContinental Hotels Group, with the malware being in operation from March 1 2015, to June 21, 2016. Fourteen hotels were infected during December last year.
Malware Found on the PoS Systems at Hard Rock Hotel & Casino
Hotel chain urges customers to watch out for card fraud
Jun 28, 2016 23:05 GMT · By Catalin Cimpanu
http://news.softpedia.com/news/malware-found-on-the-pos-systems-at-hard-rock-hotel-casino-505770.shtml#ixzz4DBeWTOJp
Card scraping malware at the heart of the incident
• The hotel chain admits that clients who stayed or used their payment cards at the hotel's restaurant and retail outlets between October 27, 2015, and March 21, 2016, could be affected.
The malware can collect card details such as the cardholder's name, card number, expiration date, and internal verification code.
Home Depot Says Electronic Outage
Slowed Card Purchases
By: Associated Press
April 9, 2016
• In 2014, the Atlanta-based retailer reported a massive, months-long breach that affected 56 million debit and credit cards. The company said that hackers had accessed the company's network using a third-party vendor's username and password.
70% / 40% as of April 2016
Charges look legitimate on your bill
Debit Cards
• Do not link any account to your debit card as overdraft protection.
• Instead, transfer funds into your account tied to your debit card … when needed.
• Use Credit Cards, when possible.
Protect Your Cards
SKIMMERS Source: WCTV.TV
Exponential Increase in Skimmers
Scott Signs Bills on Credit Card Skimmers
• And a law that takes effect Oct. 1 will require security devices on gas pumps to prevent illegal credit card skimmers. The legislation was a top priority for Agriculture Commissioner Adam Putnam, whose department has been investigating the use of skimmers to steal credit card information.
• http://www.wctv.tv/home/headlines/Scott-Signs-Bills-on-Credit-Card-Skimmers-Police-Seizures-374309251.html
• By: Associated Press, April 1, 2016
Printers, copiers are data gold mines for identity thieves
By Alan Johnson The Columbus Dispatch • Saturday January 10, 2015 5:56 AM
All the things you copy at home and the office — tax returns, medical records, financial
information and more — could end up in someone else’s hands.
That’s because copiers and fax machines, like computers, contain hard drives capable of
storing a large volume of digital information.
Nearly all copiers made since 2002 for business use, and some for home use, contain a hard
drive that can store every copy made, item printed or fax scanned. While the information
might be encrypted, it’s not usually a challenge for hackers to access details, including Social
Security and telephone numbers, bank accounts and credit-card numbers, according to digital
experts.
Calling appears local
Advance Payments Fraud
Real Example We Caught
City of Midway
Loses $24,000 to Scammers
Janmaris Perez / Updated Jun 10, 2016 / WTXL
• Forged checks that were identical to those used by the City
• City Manager Ford says the city will be taking definitive action in response to the scam to ensure this does not happen again. This includes changing current account numbers and implementing a new system for those submitting checks who will be honored by the bank.
You Probably Can't 'Prevent' Cyberattacks,
But Here's What You Can Do
• There are four kinds of controls in all: preventive, detective, corrective and compensatory.
• A preventive control acts like a barrier to an attack. Security awareness training is another excellent example of a preventive control.
• Detective controls are easier - they detect. They know the door has been opened (i.e. a motion detector) and they either close it or alert someone. Other examples of detective controls include a system's monitoring applications, intrusion detection systems, and even anti-virus and anti-malware solutions.
• Corrective controls fix or restore the environment. For example, applying the right security patches and upgrades is a corrective control. Restoring your data from backup is another corrective control.
• Compensatory controls are those designed to compensate for some of the damage. A disaster recovery site is a compensatory control. Cyber insurance can also be a compensatory control. Even a backup generator, a second set of servers or computers, or the ability to switch over operations to another country, are compensatory controls.
• http://www.americanbanker.com/bankthink/you-probably-cant-prevent-cyberattacks-but-heres-what-you-can-do-1091370-1.html?utm_medium=email&ET=americanbanker:e7665966:4495691a:&utm_source=newsletter&utm_campaign=daily%20briefing-sep%2020%202016&st=email&eid=fde53dfe86654ae08b6cdc3d7e83eee0
9/19/2016
HOW TO SAFEGUARD
(your defense)
IBM’s TRUSTEER RAPPORT
ACCOUNT PROTECTION
Shielding your PC from fraudsters is free.
Rapport performs three key security steps:
1. Keystrokes are encrypted as soon as the keys are pressed,
defeating key-logging malware programs.
2. Web sites are authenticated before any login details are
transmitted, ensuring passwords are not compromised.
3. Data is secured within the browser until it has been submitted
to the verified, legitimate web site, preventing unauthorized
access to sensitive data.
How Businesses Protect Themselves
TREASURY ACTIVITY ALERTS
Treasury Management tools can provide automatic alerts for:
1. Outgoing Wires
2. Outgoing ACH transactions
3. ACH Profiles – changes, additions and deletions
4. Commercial Loan payments and advances
If you use Treasury Solution Dual Administration, alerts can be set up by the Administrator to let them know when changes occur.
The Dual Administration feature is optional, but highly recommended.
We recommend a multi-layered approach for security measures to protect your accounts. There are built-in security measures, from login to administrative audit control, and each client must decide what is appropriate for their situation.
www.Business Shield.org
• Business Identity Theft starts with the fraudulent alteration of your business’s Secretary of State filings, which are not monitored by any current identity theft service.
(Not affiliated with Hancock Bank)
INTERNAL VIGILANCE & EMPLOYEE FIREWALLS
Your company needs more than strong security procedures; each employee must function as an ‘employee firewall’ at their workstation.
Remember, your employees trust the Internet and social media; this makes the Internet one of the greatest security risks to your business.
INTERNAL PROCEDURES
• Separate duties between staff that issue payments vs. those that reconcile the bank accounts.
• Require Dual Authorization for all monetary transactions; your bank requires it on all ACH and wire transfers.
• Conduct a Daily Transaction Review for all outgoing items! (ACH, wires, and checks)
• Remotely Deposited Checks – Void/secure checks once they are remotely deposited and destroy them according to your bank’s retention period.
• Validate Vendor Information by requiring confirmation prior to paying an invoice from a new vendor or processing a change of address request.
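The procedures above (separation of duties, dual authorization, daily review of outgoing items, and vendor validation) can be encoded as a release gate that every outgoing payment must pass. The following is an added example, not code from the bank or the presenter; the vendor and payment records, the 30-day "recently changed" window and the role names are constructed assumptions for illustration.

```python
"""Payment-release gate modelling the internal procedures on this slide.

Added example (not the bank's or the presenter's code). Vendor and payment
records, the reconciler role and the 30-day window are assumptions.
"""
from dataclasses import dataclass, field
from datetime import date, timedelta
from typing import Dict, List, Optional, Set

CHANGE_WINDOW_DAYS = 30  # assumption: vendor details newer than this need confirmation

DUAL_AUTH_FAIL = "dual authorization: need two approvers other than the initiator"
SOD_FAIL = "separation of duties: account reconciler involved in issuing payment"
VENDOR_FAIL = "vendor validation: new or changed vendor details not confirmed"


@dataclass
class Vendor:
    vendor_id: str
    name: str
    bank_account: str
    created_on: date
    details_changed_on: Optional[date] = None  # last address / bank-detail change
    change_confirmed: bool = False             # confirmed out of band (call-back)


@dataclass
class Payment:
    payment_id: str
    vendor_id: str
    amount_cents: int
    kind: str                                  # "ACH", "WIRE" or "CHECK"
    initiated_by: str
    approvals: List[str] = field(default_factory=list)


def is_new_or_recently_changed(vendor: Vendor, today: date) -> bool:
    """True when the vendor was created or had details changed inside the window."""
    cutoff = today - timedelta(days=CHANGE_WINDOW_DAYS)
    if vendor.created_on >= cutoff:
        return True
    return vendor.details_changed_on is not None and vendor.details_changed_on >= cutoff


def release_check(payment: Payment, vendor: Vendor,
                  reconcilers: Set[str], today: date) -> List[str]:
    """Return the control failures for one payment; empty means it may be released."""
    failures: List[str] = []
    # Dual authorization: two distinct approvers, neither of whom initiated the payment.
    approvers = set(payment.approvals) - {payment.initiated_by}
    if len(approvers) < 2:
        failures.append(DUAL_AUTH_FAIL)
    # Separation of duties: staff who reconcile the bank account never issue or approve.
    involved = {payment.initiated_by, *payment.approvals}
    if involved & reconcilers:
        failures.append(SOD_FAIL)
    # Vendor validation: a new or recently changed vendor needs out-of-band confirmation.
    if is_new_or_recently_changed(vendor, today) and not vendor.change_confirmed:
        failures.append(VENDOR_FAIL)
    return failures


def daily_review(payments: List[Payment], vendors: Dict[str, Vendor],
                 reconcilers: Set[str], today: date) -> Dict[str, List[str]]:
    """Daily transaction review over all outgoing items: payment id -> failures."""
    return {p.payment_id: release_check(p, vendors[p.vendor_id], reconcilers, today)
            for p in payments}


# Constructed sample data (not real vendors, accounts or staff).
TODAY = date(2016, 9, 20)
RECONCILERS = {"dave"}  # dave reconciles the bank accounts, so must not issue payments
SAMPLE_VENDORS = {
    "V1": Vendor("V1", "Long-standing supplier", "ACCT-0001", date(2014, 3, 1)),
    "V2": Vendor("V2", "Brand-new vendor", "ACCT-0002", date(2016, 9, 15)),
    "V3": Vendor("V3", "Vendor with confirmed change", "ACCT-0003", date(2012, 1, 5),
                 details_changed_on=date(2016, 9, 10), change_confirmed=True),
}
SAMPLE_PAYMENTS = [
    Payment("P1", "V1", 125_000, "ACH", "alice", ["bob", "carol"]),   # passes all controls
    Payment("P2", "V2", 2_400_000, "WIRE", "alice", ["bob", "carol"]),  # new vendor, unconfirmed
    Payment("P3", "V1", 80_000, "CHECK", "alice", ["alice", "bob"]),  # initiator self-approved
    Payment("P4", "V3", 50_000, "ACH", "dave", ["bob", "carol"]),     # reconciler issued it
]


def run_sample() -> Dict[str, List[str]]:
    """Run the daily review over the constructed batch."""
    return daily_review(SAMPLE_PAYMENTS, SAMPLE_VENDORS, RECONCILERS, TODAY)


if __name__ == "__main__":
    for pid, failures in run_sample().items():
        print(pid, "RELEASE" if not failures else "HOLD: " + "; ".join(failures))
```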
Tech-Based Cybersecurity Can't Stop 'People Risk'
• Research shows that while technology may be necessary to keep malware, viruses and other forms of electronic intrusion at bay, it is insufficient. That is because the weakest link often turns out to be people who are either careless or not properly trained in cybersecurity processes.
To fend off cyberattacks requires more than the best anti-virus technology — it also demands a shift in culture.
http://www.americanbanker.com/bankthink/tech-based-cybersecurity-cant-stop-people-risk-1090314-1.html?utm_medium=email&ET=americanbanker:e7229037:4495691a:&utm_source=newsletter&utm_campaign=daily%20briefing-jul%2025%202016&st=email&eid=fde53dfe86654ae08b6cdc3d7e83eee0
Get the app: http://newsfusion.com/cyber-security
CONCLUSION
“Consider focusing more on people than technology.
Try to use brevity, humor and other modes of engagement to help users
understand the organization’s security and privacy challenges.”
-Chief Information Officer, Deloitte Services, LP 2014 Transforming
Cybersecurity Report
“Cybercrime is a clear, present and permanent danger.
While it’s a permanent condition, however, the actors, threats,
and techniques are very dynamic.”
-Tom Ridge, former Secretary of the Dept. of Homeland Security, 2014 US
State of Cybercrime Survey
  • 38. Android Trojan targets customers of major banks and can bypass 2FA By Ian Barker http://betanews.com/2016/03/09/android-banking-trojan/ Researchers at security company ESET have uncovered a new strain of Android malware that can steal the login credentials of mobile banking users. Named Android/Spy.Agent.SI, the malware presents victims with a fake version of the login screen of their banking application and locks the screen until they enter their username and password. Using the stolen credentials, thieves can then log in to the victim's account remotely and transfer money out. They can also use the malware to send them all of the SMS text messages received by the infected device, and remove them.
  • 40. Ransomware - it happens here … • Coaxis as Cloud backup provider
  • 41. Stampedo Ransomware Available for Just $39 http://betanews.com/2016/07/18/stampedo-ransomware/ • A new variant of ransomware has been found for sale on the dark web for an incredibly low price that allows its victims 96 hours to pay a fee. • This new piece of ransomware is called Stampedo and it is available for only $39 which includes a lifetime license. Once it has infected a user’s system, a fee must be paid within the allotted time in order to regain access. If a user fails to pay the fee, Stampedo begins to delete random files on their computer within six hour intervals.
• 42. Ransomware customer service: Negotiation is always on the table Can negotiating with ransomware operators result in a reduced fee? By Charlie Osborne for Zero Day | July 18, 2016 -- 07:00 GMT (00:00 PDT) | Topic: Security http://www.zdnet.com/article/ransomware-customer-service-negotiation-is-always-on-the-table/ • Cyberattackers running ransomware campaigns are usually willing to negotiate if it means extorting any payment at all from victims, researchers claim. • Demands for payment go from $200 to thousands of dollars. • 3 of 4 gangs negotiate
  • 43. If success is 86%, 14% fail
  • 44. Where are the bad guys? http://betanews.com/2016/04/19/us-malware-hosting/ According to a new report from German security company G DATA, more malicious websites were hosted in the US in 2015 than in any other country, originating around 57 percent of recorded attacks. China, Hong Kong, Russia and Canada are also major hosts of malware, though Europe is little in evidence, only Germany and Italy making the top seven and accounting for just six percent between them.
  • 45. FSU Hackathon … Kind of
  • 46. FACTS Source: 2015 & 2016 AFP Payments Fraud and Control Survey
  • 47. SECURITY MATTERS: FRAUD HAPPENS … & Size Doesn’t Matter Source: 2015 Internet Security Threat Report - Symantec
  • 48. PHISHING Impersonation Tactics • PHISHING: A bogus email or text that appears to be from a business claiming you do business with them. They request you click on their link. • SPEAR PHISHING: A bogus e-mail that appears to be from a business or someone you know. It often appears as a “reply” to a previous conversation you had with that business or person. • MASQUERADING or BOSS PHISHING: Hackers infiltrate email networks, impersonate executives and send instructions that perpetrate wire fraud. • BEC or BUSINESS EMAIL COMPROMISE: Scammers seek to socially engineer the employees of a business & similar domain names to gain access. • WHALING: Where the CEO/boss is impersonated in emailing instructions to send $
• 49. Phishing Defense • 73% of corporate finance and treasury executives surveyed by the Association for Financial Professionals reported that their companies experienced attempted or actual payments fraud in 2015. • That’s up from 62% in 2014. • http://www.americanbanker.com/news/bank-technology/how-to-become-unphishable-1080199-1.html?pg=1
• 50. Uber's Phishing Tale Can Teach Banks a Lot About Security • "We've had a couple of different instances where we've gotten more than a million [phishing attacks] in a single day," said Chris Cravens, head of technology services at Uber. • http://www.americanbanker.com/news/bank-technology/ubers-phishing-tale-can-teach-banks-a-lot-about-security-1081314-1.html?utm_medium=email&ET=americanbanker:e6857673:4495691a:&utm_source=newsletter&utm_campaign=daily%20briefing-jun%203%202016&st=email&eid=fde53dfe86654ae08b6cdc3d7e83eee0
  • 51. Local Text Phishing Scam 5/12/16 http://www.wctv.tv/home/headlines/Potential-Victim-Avoids-Scam-379286571.html • Valerie Wickboldt, a SunTrust Bank customer, says she was surprised when she got a text message from a potential scammer. • It reads ' your debit card has been locked please call' and a number was provided. • The number to contact the state AG office is 866- 9-NO-SCAM.
  • 52. Phishing TEXT I received
• 53. How to … boldly made easier • Phishers are creating YouTube channels to document their attacks • Phishing attacks have linked back to YouTube channels where phishers explain their attacks and promote their tools while looking for buyers. • http://www.symantec.com/connect/blogs/phishers-are-creating-youtube-channels-document-their-attacks
  • 54. Symantec recently discovered a phishing site for Amazon.com which didn't seem particularly noteworthy at first. However, looking at the HTML source revealed an interesting comment from the attacker. The following figure shows a "brag tag" that details the name of the scam, "Scama Amazon 2016,” along with the attacker's name, website, and even a YouTube channel.
  • 55. Banking Trojans Expand Their Reach Report: New Botnet Targets Include App Stores, Shipping Organizations, Many OthersTracy Kitten (FraudBlogger) • February 22, 2016 • "They need to make sure that their users don't click on links in an email," he says. "This is still the primary entry point for most criminals.“ • http://www.bankinfosecurity.com/banking-trojans-expand-their-reach-a-8886
  • 56. Regulation E: Electronic Fund Transfers 12 CFR 205 www.federalreserve.gov • Section 205.6 Liability of consumer for unauthorized transfers • Limits a consumer's liability for unauthorized electronic fund transfers, such as those arising from loss or theft of an access device, to $50; if the consumer fails to notify the depository institution in a timely fashion, the amount may be $500 or unlimited.
• 57. When Cyberfraud Hits Businesses, Banks May Not Offer Protection - NPR Updated October 7, 2015 6:12 PM ET Published September 15, 2015 5:04 AM ET • It turned out a cybercrook had commandeered the debit card he used to cover the costs of foreign trips. Krier expected that his bank would reimburse him. 24 Hours?!?! • At first, he says, the staff at the local bank said, "Not a problem." But later, Krier says, that bank told him, "It's a business account, so you're out of luck."
  • 58. NPR Story – continued… • Cyberthieves hacked his email account, impersonated him and transferred more than $1 million through U.S. domestic accounts to an account in China. • That's because the thieves also had access to his Outlook calendar. It meant the cybercrooks could safely impersonate Rolfe and write emails telling his bookkeeper to transfer funds to their bank accounts. The thieves could respond to any questions from Rolfe's bookkeeper and then delete all those communications from the account before Rolfe returned from his meetings and checked his email again. • The most recent FBI data show a huge growth in this kind of fraud. More than 8,000 companies have been victimized over the past two years. Their losses total nearly $800 million. • The law does require banks, under the Uniform Commercial Code, to offer business customers a "commercially reasonable" security protocol. If the bank follows that protocol, it can refuse to reimburse businesses that are victims of fraudulent money transfers.
• 59. • Johnson says the best way forward is for banks to inform their customers about the dangers they face so they can work together to beat the bad guys. • He offers these tips to businesses: educate your employees, change passwords often, require two-person approval for fund transfers, and dedicate a single computer to be used only for financial transactions. • http://www.npr.org/sections/alltechconsidered/2015/09/15/440252972/when-cyber-fraud-hits-businesses-banks-may-not-offer-protection
  • 60. TYPES OF PAYMENTS TARGETED FOR FRAUD Source: Assoc. of Financial Professionals Payments Fraud & Control Survey
  • 61. Largest $ Losses Per Fraud Type
• 62. TALLAHASSEE, Fla. — Attorney General Pam Bondi’s Office of Statewide Prosecution and the Florida Department of Law Enforcement today announced the arrests of four suspects accused of travelling across Florida to steal hundreds of rent checks. According to FDLE’s two-year investigation, the defendants worked nights and weekends to retrieve money orders and cashier’s checks from drop boxes. The theft crews allegedly targeted apartment complexes or rental communities having drop boxes, striking when payments were due at the end of the month. The investigation revealed that the defendants targeted apartments in Broward, Charlotte, Collier, Duval, Hillsborough, Lee, Osceola, Polk and Sarasota counties. The defendants allegedly used long metal rods affixed with a sticky material to fish payments from drop boxes, altered and deposited the checks in 38 identified bank accounts and immediately withdrew the cash. The thefts were not usually discovered until the landlord asked tenants for the overdue rental payments. According to the investigation, the defendants deposited some 443 money orders and two cashier’s checks totaling more than $200,000 into their accounts.
  • 64. More than just Wendy’s 7/10/16
  • 65. 250 Hyatt hotels infected last year with payment data stealing malware The hotel chain has admitted that 250 hotels in 54 countries were affected by the data breach. By Charlie Osborne for Zero Day | January 15, 2016 -- 13:29 GMT (05:29 PST) | Topic: Security The Hyatt hotel chain has revealed that almost half of its properties were infected with malware last year and customer financial data may have been stolen. According to the company, 318 hotels out of 627 in the firm's portfolio were infected with information-stealing malware from August 13 to December 8, 2015. Some locations may have been affected as early as July 30, 2015. China, India and the United States are at the top of the list for malware-ridden hotel systems, with 22, 20 and 99 infected sites respectively. Hyatt says that following an investigation, "signs of unauthorized access to payment card data from cards used onsite at certain Hyatt-managed locations" were discovered. While malware was exposed mainly at restaurants, some spas, parking, golf shops, front desk reception systems and sales offices were also impacted. The chain says the malware in question was designed to steal financial data including cardholder names, card numbers, expiration dates and internal verification codes, which are used onsite to verify transactions. According to the company, the malicious code harvested credentials as they passed through Hyatt's infected payment processing systems.
• 66. Malware hits 20 major hotels, customer data may be stolen http://betanews.com/2016/08/16/malware-20-us-hotels-ei-hotels-and-restaurants/ • As many as 20 hotels in the US have been hit by malware, and fears are spreading that customer data, including credit card information, was stolen. • According to a Reuters report, hotels under attack include Starwood, Marriott, Hyatt and Intercontinental -- all part of the HEI Hotels & Restaurants. • A total of 12 Starwood hotels were affected, six Marriott Internationals, one Hyatt Hotel and one InterContinental Hotels Group, with the malware being in operation from March 1 2015, to June 21, 2016. Fourteen hotels were infected during December last year.
• 67. Malware Found on the PoS Systems at Hard Rock Hotel & Casino Hotel chain urges customers to watch out for card fraud Jun 28, 2016 23:05 GMT · By Catalin Cimpanu http://news.softpedia.com/news/malware-found-on-the-pos-systems-at-hard-rock-hotel-casino-505770.shtml#ixzz4DBeWTOJp Card scraping malware at the heart of the incident • The hotel chain admits that clients who stayed or used their payment cards at the hotel's restaurant and retail outlets between October 27, 2015, and March 21, 2016, could be affected. The malware can collect card details such as the cardholder's name, card number, expiration date, and internal verification code.
  • 68. Home Depot Says Electronic Outage Slowed Card Purchases By: Associated Press April 9, 2016 • In 2014, the Atlanta-based retailer reported a massive, months-long breach that affected 56 million debit and credit cards. The company said that hackers had accessed the company's network using a third-party vendor's username and password.
  • 69. 70% / 40% as of April 2016
  • 70. Charges look legitimate on your bill
  • 71. Debit Cards • Do not link any account to your debit card as overdraft protection. • Instead, transfer funds into your account tied to your debit card … when needed. • Use Credit Cards, when possible.
• 75. Scott Signs Bills on Credit Card Skimmers • And a law that takes effect Oct. 1 will require security devices on gas pumps to prevent illegal credit card skimmers. The legislation was a top priority for Agriculture Commissioner Adam Putnam, whose department has been investigating the use of skimmers to steal credit card information. • http://www.wctv.tv/home/headlines/Scott-Signs-Bills-on-Credit-Card-Skimmers-Police-Seizures-374309251.html • By: Associated Press April 1, 2016
  • 76. Printers, copiers are data gold mines for identity thieves By Alan Johnson The Columbus Dispatch • Saturday January 10, 2015 5:56 AM All the things you copy at home and the office — tax returns, medical records, financial information and more — could end up in someone else’s hands. That’s because copiers and fax machines, like computers, contain hard drives capable of storing a large volume of digital information. Nearly all copiers made since 2002 for business use, and some for home use, contain a hard drive that can store every copy made, item printed or fax scanned. While the information might be encrypted, it’s not usually a challenge for hackers to access details, including Social Security and telephone numbers, bank accounts and credit-card numbers, according to digital experts.
  • 78. Real Example We Caught
  • 79. City of Midway Loses $24,000 to Scammers Janmaris Perez / Updated Jun 10, 2016 / WTXL • Forged checks that were identical to those used by the City • City Manager Ford says the city will be taking definitive action in response to the scam to ensure this does not happen again. This includes changing current account numbers and implementing a new system for those submitting checks who will be honored by the bank
• 80. You Probably Can't 'Prevent' Cyberattacks, But Here's What You Can Do • There are four kinds of controls in all: preventive, detective, corrective and compensatory. • A preventive control acts like a barrier to an attack. Security awareness training is another excellent example of a preventive control. • Detective controls are easier - they detect. They know the door has been opened (i.e. a motion detector) and they either close it or alert someone. Other examples of detective controls include a system's monitoring applications, intrusion detection systems, and even anti-virus and anti-malware solutions. • Corrective controls fix or restore the environment. For example, applying the right security patches and upgrades is a corrective control. Restoring your data from backup is another corrective control. • Compensatory controls are those designed to compensate for some of the damage. A disaster recovery site is a compensatory control. Cyber insurance can also be a compensatory control. Even a backup generator, a second set of servers or computers, or the ability to switch over operations to another country, are compensatory controls. • http://www.americanbanker.com/bankthink/you-probably-cant-prevent-cyberattacks-but-heres-what-you-can-do-1091370-1.html?utm_medium=email&ET=americanbanker:e7665966:4495691a:&utm_source=newsletter&utm_campaign=daily%20briefing-sep%2020%202016&st=email&eid=fde53dfe86654ae08b6cdc3d7e83eee0 9/19/2016
  • 84. IBM’s TRUSTEER RAPPORT ACCOUNT PROTECTION Shielding your PC from fraudsters is free. Rapport performs three key security steps: 1. Keystrokes are encrypted as soon as the keys are pressed, defeating key-logging malware programs. 2. Web sites are authenticated before any login details are transmitted, ensuring passwords are not compromised. 3. Data is secured within the browser until it has been submitted to the verified, legitimate web site, preventing unauthorized access to sensitive data.
  • 86. TREASURY ACTIVITY ALERTS Treasury Management tools can provide automatic alerts for: 1. Outgoing Wires 2. Outgoing ACH transactions 3. ACH Profiles – changes, additions and deletions 4. Commercial Loan payments and advances If you use Treasury Solution Dual Administration, alerts can be set up by the Administrator to let them know when changes occur. The Dual Administration feature is optional, but highly recommended. We recommend a multi-layered approach for security measures to protect your accounts. There are built-in security measures, from login to administrative audit control; & each client must decide what is appropriate for their situation.
• 87. www.BusinessShield.org • Business Identity Theft starts with the fraudulent alteration of your business’s Secretary of State filings which are not monitored by any current identity theft service. (Not affiliated with Hancock Bank)
  • 88. INTERNAL VIGILANCE & EMPLOYEE FIREWALLS Your company needs more than strong security procedures; each employee must function as an ‘employee firewall’ at their workstation. Remember, your employees trust the Internet and social media; this makes the Internet one of the greatest security risks to your business.
  • 89. INTERNAL PROCEDURES Separate duties between staff that issue payments vs. those that reconcile the bank accounts. Require Dual Authorization for all monetary transactions; your bank requires it on all ACH and wire transfers. Conduct a Daily Transaction Review for all outgoing items! (ACH, wires, and checks) Remotely Deposited Checks – Void/secure checks once they are remotely deposited and destroy them according to your bank’s retention period. Validate Vendor Information by requiring confirmation prior to paying an invoice from a new vendor or processing a change of address request.
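As an added example (not part of the presentation), the internal procedures above, together with the alert list from the Treasury Activity Alerts slide, as a small Python payment-review routine: dual authorization on every ACH and wire (with the initiator never counting as an approver), a hold on any payment to a new vendor or to a vendor account that differs from the one on file until it is confirmed out of band, and an alert line for every outgoing item for the daily transaction review. Vendor names, account numbers, user ids and amounts are constructed sample data.

```python
from dataclasses import dataclass

@dataclass(frozen=True)
class Vendor:
    name: str
    account: str        # bank account on file (constructed sample value)
    confirmed: bool     # details confirmed by call-back to a known phone number

@dataclass(frozen=True)
class Payment:
    payment_id: str
    vendor: str
    account: str        # account the payment is being sent to
    amount: float
    method: str         # "ACH", "WIRE" or "CHECK"
    initiator: str      # user who keyed the payment
    approvers: tuple    # user ids that approved it

# The procedures above require dual authorization on ACH and wire transfers.
DUAL_AUTH_METHODS = {"ACH", "WIRE"}

def review_payment(p: Payment, vendors: dict) -> list:
    """Return the reasons to hold the payment; an empty list means release."""
    reasons = []
    v = vendors.get(p.vendor)
    if v is None:
        reasons.append("new vendor: confirm details before first payment")
    elif p.account != v.account:
        reasons.append("vendor account differs from file: confirm change out of band")
    elif not v.confirmed:
        reasons.append("vendor bank details never confirmed")
    # Separation of duties: the initiator cannot count as one of the approvers.
    approvers = set(p.approvers) - {p.initiator}
    if p.method in DUAL_AUTH_METHODS and len(approvers) < 2:
        reasons.append("dual authorization missing (need two approvers other than the initiator)")
    return reasons

def daily_review(payments, vendors):
    """Classify every outgoing item for the daily transaction review.
    Returns (released_ids, held_ids, alert_lines)."""
    released, held, alerts = [], [], []
    for p in payments:
        reasons = review_payment(p, vendors)
        # Every outgoing item gets an alert line so nothing leaves unnoticed.
        line = f"{p.payment_id} {p.method} {p.amount:,.2f} -> {p.vendor}"
        if reasons:
            held.append(p.payment_id)
            alerts.append(f"HOLD {line}: " + "; ".join(reasons))
        else:
            released.append(p.payment_id)
            alerts.append(f"RELEASE {line}")
    return released, held, alerts

# Constructed sample data: two known vendors and four outgoing items.
VENDORS = {
    "Acme Supply": Vendor("Acme Supply", "111222333", confirmed=True),
    "Bay Printing": Vendor("Bay Printing", "444555666", confirmed=True),
}
PAYMENTS = [
    Payment("P1", "Acme Supply", "111222333", 4200.00, "ACH", "alice", ("bob", "carol")),
    # Same vendor name, but the destination account was changed on the invoice.
    Payment("P2", "Bay Printing", "999888777", 15000.00, "WIRE", "alice", ("bob", "carol")),
    # Initiator approved her own wire; only one independent approver.
    Payment("P3", "Acme Supply", "111222333", 800.00, "WIRE", "alice", ("alice", "bob")),
    # First payment to a vendor not yet on file.
    Payment("P4", "New Vendor LLC", "123123123", 2500.00, "CHECK", "alice", ()),
]

if __name__ == "__main__":
    released, held, alerts = daily_review(PAYMENTS, VENDORS)
    print("\n".join(alerts))
```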
• 90. Tech-Based Cybersecurity Can't Stop 'People Risk' • Research shows that while technology may be necessary to keep malware, viruses and other forms of electronic intrusion at bay, it is insufficient. That is because the weakest link often turns out to be people who are either careless or not properly trained in cybersecurity processes. To fend off cyberattacks requires more than the best anti-virus technology — it also demands a shift in culture. http://www.americanbanker.com/bankthink/tech-based-cybersecurity-cant-stop-people-risk-1090314-1.html?utm_medium=email&ET=americanbanker:e7229037:4495691a:&utm_source=newsletter&utm_campaign=daily%20briefing-jul%2025%202016&st=email&eid=fde53dfe86654ae08b6cdc3d7e83eee0
  • 91. Get the app: http://newsfusion.com/cyber-security CONCLUSION “Consider focusing more on people than technology. Try to use brevity, humor and other modes of engagement to help users understand the organization’s security and privacy challenges.” -Chief Information Officer, Deloitte Services, LP 2014 Transforming Cybersecurity Report “Cybercrime is a clear, present and permanent danger. While it’s a permanent condition, however, the actors, threats, and techniques are very dynamic.” -Tom Ridge, former Secretary of the Dept. of Homeland Security, 2014 US State of Cybercrime Survey